• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.259-273
• /
• 2016

After realizing through the three large-scale data leakage incidents that intentional or accidental insider jobs are more serious than external intrusions, financial companies in Korea have been taking measures to prevent data leakage from occuring again. But, the IT system architecture reflecting the domestic financial environment is highly complicated and thereby difficult to grasp. It is obvious that despite administrative, physical, and technical controls, insider threats are likely to cause personal data leakage. In this paper, we present a process that based on metadata defines and manages personally identifiable attribute data, and that through inter-table integration identifies personal information broadly and controls access. This process is to decrease the likelihood of violating compliance outlined by the financial supervisory authority, and to reinforce internal controls. We derive and verify a decision-making model that reflects the proposed process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.905-914
• /
• 2015

Once information security solution is implemented, it requires many services other than just general user management, such as malicious code analysis and security updated for consistent security against external threats or attacks, analysis of threat and attack, effectivity management of obtained security assurance, and advisory activities of security technical professionals. However, even if information security solutions provide those extra services, they are not properly treated in real market. Thus, for the security sustainable services, this study analyzes the service status of domestic information security, and suggest policy measure of price which could reflected the characteristics of information security solutions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1169-1177
• /
• 2018

Modern society is a period of rapid digital transformation. This digital-centric business proliferation offers convenience and efficiency to businesses and individuals, but cyber threats are increasing. In particular, cyber attacks are becoming more and more intelligent and precise, and various attempts have been made to prevent these attacks from being discovered. Therefore, it is increasingly difficult to respond to such attacks. According to the cyber kill chain concept, the attacker penetrates to achieve the goal in several stages. We aim to detect one of these stages and neutralize the attack. In this paper, we propose a method to detect anomalous traffic caused by an agent attacking an external attacker, assuming that an agent executing a malicious action has been introduced in advance due to various reasons such as a system error or a user's mistake.

• Strategy21
• /
• s.39
• /
• pp.47-81
• /
• 2016

This paper has attempted to examine the political and operational contexts within which North Korea's latest acts of nuclear blackmail, its test-firing of an SLBM on April 23rd 2016 and its fourth nuclear test on January 6^th 2016, should be understood. Analysis of the KN-11 SLBM and the Sinpo-class SSB is based on official South Korean, US and others sources, especially the ROK MND, as well as other resources from South Korea, US and others. Unfortunately, the results of this exploration are inconclusive: there is simply not enough evidence available at present to either confirm or refute the existence of a functional North Korean SLBM and SSB. Nevertheless, the North Korean determination to possess such assets should not be taken lightly. But even accepting North Korea's claims about its SLBMs at face value, which is undermined by news of apparently unsuccessful follow-up test-firings in November, and probably December 2015, there is little proof that North Korea has yet succeeded in miniaturizing its nuclear warhead, so the most extravagant fears are not yet justified. Taken together with North Korea's latest announcement of a supposed successful SLBM ejection-test, on March 23^th 2016, the KN-11 SLBM claims should probably be seen as primarily about proving North Korea's status as a nuclear power, both to exert external political pressure and to bolster internal political support for Kim Jong-un's rule. In conclusion, this paper recommends formulating a preemptive anti-access strategy for the ROKN, proposes acquiring an ASW CV and SSNs to implement submarine strategic deterrent patrols, and urges extending the existing limited AORs to facilitate the preemptive anti-access strategy. Other deterrence options may be suggested, but it is surely significant that the ROKN has recently publically referred to the deployment of an ASW CV and SSNs for the first time.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.1
• /
• pp.639-643
• /
• 2018

Laws concerning the protection of personal information have been enacted and revised as the legislation on personal information protection on the basis of the Act on the Protection of Personal Information Maintained by Public Institutions. Nevertheless, there have been continuing threats resulting from the fact that restrictions on security subject to laws remain unclear. By proposing protected access utilizing a unique identification key of enterprises, regarding the personal information of various internal and external clients held by international manufacturing companies and attempting to make policy aspect and management access at the same time, there is a change of gradual decline in cloud personnel information management service, which is the domestic ISP service for personnel management as the technology facilitated to reduce the burden on personnel and cost for the protection of personal information and the market is also changing to the direction for companies to directly operate. Therefore, this study intends to examine the convenience of integrated management for ensuring security, while confirming the gap on flexibility and safety on management point regarding the human resources of international manufacturing companies arising from its interactions.

• Journal of Aerospace System Engineering
• /
• v.12 no.4
• /
• pp.106-111
• /
• 2018

Hydrodynamic ram phenomenon could be generated by external threats such as impact and blast in the aircraft. High strain rate deformation caused by the hydrodynamic ram phenomenon is one of the main factors to influence structural survivability. Mechanical properties of composite structure change rapidly under conditions of high strain rate. Therefore, it is necessary to experimentally investigate the influence of strain rates for aircraft structural survivability. In this paper, tensile tests of composite material were conducted for low and high strain rates to investigate the influence of the various strain rates. Tensile modulus increases more compared to tensile strength at high strain rate under hydrodynamic ram condition. Regression analysis was conducted to predict tensile modulus at various strain rates because it is one of the main damaging factors for composite structures under high strain rate conditions. Also, the mechanical properties of composite materials were acquired and analyzed under high strain rate conditions. It is hypothesized that the results from this study would be used for designing aircraft composite structures and evaluation considering structural survivability.

• Korean Security Journal
• /
• no.49
• /
• pp.133-154
• /
• 2016

The Seoul subway system has one of the highest transport shares in the city of Seoul. A high number of passengers means that a high level of crimes of all kinds occur on the city's subway system. As such, Seoul Metro, created the Subway Protective Guards System in 2009, in an effort to enhance safety on the subway. But this innovative new system did not resolve problems. In fact, many citizens came to question the effectiveness of the new system, as it did not yield tangible results. This study seeks to deduce the problems and activation strategy of the Subway Protective Guards System. An in-depth study was conducted by interviewing subway protective guards who were squad leaders with five or more years of relevant work experience. Semi-structured interview analysis was utilized to evaluate their responses. Specifically, their responses were deduced to identify the strengths and weaknesses internal to the system and the opportunities and threats posed by the environment external to the system. This study presents measures to improve the system based on the aforementioned analysis. Measures for improvement focused on the following areas: the adoption of an education system in response to terror; recruitment and the possibility of becoming a permanent employee; obtaining partial judicial powers; improvement of work environment; and intensifying the promotion of the system.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• v.29 no.1
• /
• pp.451-456
• /
• 2005

This paper proposes an evaluation model to assessment of development and operation for maritime leisure in Mokpo Port.. The proposed model is combination of SWOT(Strength, Weakness, Opportunity, Threat) and AHP(Analytic Hierarchy Process) to evaluate development and operation for maritime leisure. The evaluation hierarchical structure is structured by ISM(Interpretive structural modeling) and composed of five level. At the third level, It combine SWOT into the assessment system. Strength and Weakness are internal factors. Opportunities and threats are external factors. There are economic and maritime leisure development in the model. There are three development and operation investment as Third-Sector, company, local organization. According to the results, the participants perceive prefer to strength and opportunity and found that the priority for the development and operation for maritime leisure of Third-Sector.

• Journal of Navigation and Port Research
• /
• v.29 no.8 s.104
• /
• pp.715-721
• /
• 2005

This paper proposes an evaluation model to assessment of development and operation for maritime leisure in Mokpo Port.. The proposed model is combination of SWOT(Strength, Weakness, Opportunity, Threat} and AHP(Analytic Hierarchy Process) to evaluate development and operation for maritime leisure. The evaluation hierarchical structure is structured by ISM(interpretive structural modeling} and composed of five level. At the third level, It combine SWOT into the assessment system Strength and Weakness are internal factors. Opportunities and threats are external factors. There are economic and maritime leisure development in the model. There are three development and operation investment as Third-Sector, company, local organization. According to the results, the participants perceive prefer to strength and opportunity and found that the priority for the development and operation for maritime leisure of Third-Sector.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.11
• /
• pp.139-146
• /
• 2020

Cloud computing technology provides economic and efficient system operation and management features to deal with rapidly changing IT technologies. However, this is less used in institutes and companies due to low security of cloud computing service. It is recognized that storing and managing important information, which is confidential in external systems is vulnerable to security threats. In order to enhance security of this cloud computing service, this paper suggests a system and user authentication reinforcement model. The suggested technology guarantees integrity of user authentication information and provides users with convenience by creating blocks for each cloud service and connecting service blocks with chains. The block chain user authentication model offers integrity assurance technology of block chains and system access convenience for SSO users. Even when a server providing cloud computing is invaded, this prevents chained invasions not to affect other systems.